HOWTO: Mobile development against a localhost HTTPS API

When doing mobile development, it is essential to be able to hit local versions of your platform’s API(s). The difficulty is mobile apps only work against SSL encrypted HTTPS endpoints (for good reason).

A few options out there are:

Disable SSL requirement in the mobile app binary and have your API run on non-tls HTTP. Downside: yet another thing you have to remember remove when building a production binary.

ngrok to the rescue

ngrok allows you to expose a public URL that will forward requests to your local HTTP server. You can piggyback off of ngrok.io‘s SSL certificate as it is trusted by your mobile devices and browsers. You launch your local API server using non-tls (HTTP) and then launch ngrok telling it what port to forward requests to.

It is ridiculously simple:

./ngrok http -bind-tls=true -subdomain=rynop-api 8081

This command sets up https ONLY (bind-tls=true) listener at https://rynop-api.ngrok.io that forwards to localhost port 8081. The -subdomain command is only available on a paid plan – but $60/year gives you a bunch of features and allows you to share your account with a team.

The huge bonus

ngrok comes with a local web admin that inspects incoming requests. The beauty is it keeps a record of these requests for local replays.

The ngrok local inspector

Go off an make something cool

The process from download to up and running should take no more than 5 minutes. Use the time saved to go off and start making that cool app your buddy/friend/neighbor/relative has been telling you about 🙂